4 replies
[02/16/2008, 23:47:02] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[02/16/2008, 23:47:03] - Detected System Information:
[02/16/2008, 23:47:03] - Windows Version: 5.1.2600, Service Pack 2
[02/16/2008, 23:47:03] - Current Username: HP_Administrateur (Admin)
[02/16/2008, 23:47:04] - Windows is in NORMAL mode.
[02/16/2008, 23:47:04] - Searching for Browser Helper Objects:
[02/16/2008, 23:47:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:04] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:04] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:04] - BHO 4: {23D44BCF-AA7A-41D6-8905-E808F16322EF} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\pmnnmkj
[02/16/2008, 23:47:04] - Found: HKLM\...\Winlogon\Notify\pmnnmkj - This is probably Virtumundo.
[02/16/2008, 23:47:04] - Assigning {23D44BCF-AA7A-41D6-8905-E808F16322EF} MSEvents Object
[02/16/2008, 23:47:04] - BHO list has been changed! Starting over...
[02/16/2008, 23:47:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:04] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:04] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:04] - BHO 4: {23D44BCF-AA7A-41D6-8905-E808F16322EF} (MSEvents Object)
[02/16/2008, 23:47:04] - ALERT: Found MSEvents Object!
[02/16/2008, 23:47:04] - BHO 5: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/16/2008, 23:47:04] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/16/2008, 23:47:04] - BHO 7: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/16/2008, 23:47:05] - BHO 8: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/16/2008, 23:47:05] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/16/2008, 23:47:05] - BHO 10: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/16/2008, 23:47:05] - BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/16/2008, 23:47:05] - BHO 12: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/16/2008, 23:47:05] - BHO 13: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/16/2008, 23:47:05] - BHO 14: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/16/2008, 23:47:05] - BHO 15: {FA7B315A-26D9-46C9-AA2B-DED6B66E0BFB} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/16/2008, 23:47:05] - Finished Searching Browser Helper Objects
[02/16/2008, 23:47:05] - *** Detected MSEvents Object
[02/16/2008, 23:47:05] - Trying to remove MSEvents Object...
[02/16/2008, 23:47:06] - Terminating Process: IEXPLORE.EXE
[02/16/2008, 23:47:07] - Terminating Process: RUNDLL32.EXE
[02/16/2008, 23:47:07] - Disabling Automatic Shell Restart
[02/16/2008, 23:47:07] - Terminating Process: EXPLORER.EXE
[02/16/2008, 23:47:09] - Suspending the NT Session Manager System Service
[02/16/2008, 23:47:09] - Terminating Windows NT Logon/Logoff Manager
[02/16/2008, 23:47:09] - Re-enabling Automatic Shell Restart
[02/16/2008, 23:47:09] - File to disable: C:\WINDOWS\system32\pmnnmkj.dll
[02/16/2008, 23:47:10] - Renaming C:\WINDOWS\system32\pmnnmkj.dll -> C:\WINDOWS\system32\pmnnmkj.dll.vir
[02/16/2008, 23:47:12] - File successfully renamed!
[02/16/2008, 23:47:12] - Removing HKLM\...\Browser Helper Objects\{23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Removing HKCR\CLSID\{23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Adding Kill Bit for ActiveX for GUID: {23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Deleting ATLEvents/MSEvents Registry entries
[02/16/2008, 23:47:12] - Removing HKLM\...\Winlogon\Notify\pmnnmkj
[02/16/2008, 23:47:12] - Searching for Browser Helper Objects:
[02/16/2008, 23:47:12] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:12] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:12] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:13] - BHO 4: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/16/2008, 23:47:13] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/16/2008, 23:47:13] - BHO 6: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/16/2008, 23:47:13] - BHO 7: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/16/2008, 23:47:13] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/16/2008, 23:47:13] - BHO 9: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/16/2008, 23:47:13] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/16/2008, 23:47:14] - BHO 11: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/16/2008, 23:47:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:14] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/16/2008, 23:47:14] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/16/2008, 23:47:14] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/16/2008, 23:47:14] - BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/16/2008, 23:47:14] - BHO 14: {FA7B315A-26D9-46C9-AA2B-DED6B66E0BFB} ()
[02/16/2008, 23:47:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:14] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/16/2008, 23:47:14] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/16/2008, 23:47:14] - Finished Searching Browser Helper Objects
[02/16/2008, 23:47:14] - Finishing up...
[02/16/2008, 23:47:14] - A restart is needed.
[02/16/2008, 23:47:14] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[02/16/2008, 23:47:18] - Attempting to Restart via STOP error (Blue Screen!)
[02/17/2008, 8:36:32] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[02/17/2008, 8:36:36] - Detected System Information:
[02/17/2008, 8:36:36] - Windows Version: 5.1.2600, Service Pack 2
[02/17/2008, 8:36:36] - Current Username: HP_Administrateur (Admin)
[02/17/2008, 8:36:36] - Windows is in NORMAL mode.
[02/17/2008, 8:36:36] - Searching for Browser Helper Objects:
[02/17/2008, 8:36:36] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/17/2008, 8:36:36] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/17/2008, 8:36:36] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/17/2008, 8:36:36] - BHO 4: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/17/2008, 8:36:36] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/17/2008, 8:36:36] - BHO 6: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/17/2008, 8:36:36] - BHO 7: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/17/2008, 8:36:36] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/17/2008, 8:36:36] - BHO 9: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/17/2008, 8:36:36] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/17/2008, 8:36:36] - BHO 11: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/17/2008, 8:36:36] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/17/2008, 8:36:36] - BHO 13: {B6388AD8-4CD8-4065-9CBD-20F91A2F804B} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/17/2008, 8:36:36] - BHO 14: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/17/2008, 8:36:36] - Finished Searching Browser Helper Objects
[02/17/2008, 8:36:36] - Finishing up...
[02/17/2008, 8:36:36] - Nothing found! Exiting...
[02/17/2008, 9:05:57] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[02/17/2008, 9:05:58] - Detected System Information:
[02/17/2008, 9:05:58] - Windows Version: 5.1.2600, Service Pack 2
[02/17/2008, 9:05:58] - Current Username: HP_Administrateur (Admin)
[02/17/2008, 9:05:58] - Windows is in NORMAL mode.
[02/17/2008, 9:05:58] - Searching for Browser Helper Objects:
[02/17/2008, 9:05:58] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/17/2008, 9:05:58] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/17/2008, 9:05:58] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/17/2008, 9:05:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:58] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/17/2008, 9:05:58] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/17/2008, 9:05:58] - BHO 4: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/17/2008, 9:05:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:58] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/17/2008, 9:05:58] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/17/2008, 9:05:58] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/17/2008, 9:05:58] - BHO 6: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/17/2008, 9:05:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:58] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/17/2008, 9:05:58] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/17/2008, 9:05:58] - BHO 7: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/17/2008, 9:05:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:58] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/17/2008, 9:05:58] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/17/2008, 9:05:58] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/17/2008, 9:05:59] - BHO 9: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/17/2008, 9:05:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:59] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/17/2008, 9:05:59] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/17/2008, 9:05:59] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/17/2008, 9:05:59] - BHO 11: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/17/2008, 9:05:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:59] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/17/2008, 9:05:59] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/17/2008, 9:05:59] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/17/2008, 9:05:59] - BHO 13: {B6388AD8-4CD8-4065-9CBD-20F91A2F804B} ()
[02/17/2008, 9:05:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:59] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/17/2008, 9:05:59] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/17/2008, 9:05:59] - BHO 14: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/17/2008, 9:05:59] - Finished Searching Browser Helper Objects
[02/17/2008, 9:05:59] - Finishing up...
[02/17/2008, 9:05:59] - Nothing found! Exiting...
VBG
[02/16/2008, 23:47:02] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[02/16/2008, 23:47:03] - Detected System Information:
[02/16/2008, 23:47:03] - Windows Version: 5.1.2600, Service Pack 2
[02/16/2008, 23:47:03] - Current Username: HP_Administrateur (Admin)
[02/16/2008, 23:47:04] - Windows is in NORMAL mode.
[02/16/2008, 23:47:04] - Searching for Browser Helper Objects:
[02/16/2008, 23:47:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:04] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:04] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:04] - BHO 4: {23D44BCF-AA7A-41D6-8905-E808F16322EF} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\pmnnmkj
[02/16/2008, 23:47:04] - Found: HKLM\...\Winlogon\Notify\pmnnmkj - This is probably Virtumundo.
[02/16/2008, 23:47:04] - Assigning {23D44BCF-AA7A-41D6-8905-E808F16322EF} MSEvents Object
[02/16/2008, 23:47:04] - BHO list has been changed! Starting over...
[02/16/2008, 23:47:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:04] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:04] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:04] - BHO 4: {23D44BCF-AA7A-41D6-8905-E808F16322EF} (MSEvents Object)
[02/16/2008, 23:47:04] - ALERT: Found MSEvents Object!
[02/16/2008, 23:47:04] - BHO 5: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/16/2008, 23:47:04] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/16/2008, 23:47:04] - BHO 7: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/16/2008, 23:47:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:04] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/16/2008, 23:47:04] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/16/2008, 23:47:05] - BHO 8: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/16/2008, 23:47:05] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/16/2008, 23:47:05] - BHO 10: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/16/2008, 23:47:05] - BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/16/2008, 23:47:05] - BHO 12: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/16/2008, 23:47:05] - BHO 13: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/16/2008, 23:47:05] - BHO 14: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/16/2008, 23:47:05] - BHO 15: {FA7B315A-26D9-46C9-AA2B-DED6B66E0BFB} ()
[02/16/2008, 23:47:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:05] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/16/2008, 23:47:05] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/16/2008, 23:47:05] - Finished Searching Browser Helper Objects
[02/16/2008, 23:47:05] - *** Detected MSEvents Object
[02/16/2008, 23:47:05] - Trying to remove MSEvents Object...
[02/16/2008, 23:47:06] - Terminating Process: IEXPLORE.EXE
[02/16/2008, 23:47:07] - Terminating Process: RUNDLL32.EXE
[02/16/2008, 23:47:07] - Disabling Automatic Shell Restart
[02/16/2008, 23:47:07] - Terminating Process: EXPLORER.EXE
[02/16/2008, 23:47:09] - Suspending the NT Session Manager System Service
[02/16/2008, 23:47:09] - Terminating Windows NT Logon/Logoff Manager
[02/16/2008, 23:47:09] - Re-enabling Automatic Shell Restart
[02/16/2008, 23:47:09] - File to disable: C:\WINDOWS\system32\pmnnmkj.dll
[02/16/2008, 23:47:10] - Renaming C:\WINDOWS\system32\pmnnmkj.dll -> C:\WINDOWS\system32\pmnnmkj.dll.vir
[02/16/2008, 23:47:12] - File successfully renamed!
[02/16/2008, 23:47:12] - Removing HKLM\...\Browser Helper Objects\{23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Removing HKCR\CLSID\{23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Adding Kill Bit for ActiveX for GUID: {23D44BCF-AA7A-41D6-8905-E808F16322EF}
[02/16/2008, 23:47:12] - Deleting ATLEvents/MSEvents Registry entries
[02/16/2008, 23:47:12] - Removing HKLM\...\Winlogon\Notify\pmnnmkj
[02/16/2008, 23:47:12] - Searching for Browser Helper Objects:
[02/16/2008, 23:47:12] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/16/2008, 23:47:12] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/16/2008, 23:47:12] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/16/2008, 23:47:13] - BHO 4: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/16/2008, 23:47:13] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/16/2008, 23:47:13] - BHO 6: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/16/2008, 23:47:13] - BHO 7: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/16/2008, 23:47:13] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/16/2008, 23:47:13] - BHO 9: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/16/2008, 23:47:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:13] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/16/2008, 23:47:13] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/16/2008, 23:47:13] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/16/2008, 23:47:14] - BHO 11: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/16/2008, 23:47:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:14] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/16/2008, 23:47:14] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/16/2008, 23:47:14] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/16/2008, 23:47:14] - BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/16/2008, 23:47:14] - BHO 14: {FA7B315A-26D9-46C9-AA2B-DED6B66E0BFB} ()
[02/16/2008, 23:47:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/16/2008, 23:47:14] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/16/2008, 23:47:14] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/16/2008, 23:47:14] - Finished Searching Browser Helper Objects
[02/16/2008, 23:47:14] - Finishing up...
[02/16/2008, 23:47:14] - A restart is needed.
[02/16/2008, 23:47:14] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[02/16/2008, 23:47:18] - Attempting to Restart via STOP error (Blue Screen!)
[02/17/2008, 8:36:32] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[02/17/2008, 8:36:36] - Detected System Information:
[02/17/2008, 8:36:36] - Windows Version: 5.1.2600, Service Pack 2
[02/17/2008, 8:36:36] - Current Username: HP_Administrateur (Admin)
[02/17/2008, 8:36:36] - Windows is in NORMAL mode.
[02/17/2008, 8:36:36] - Searching for Browser Helper Objects:
[02/17/2008, 8:36:36] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/17/2008, 8:36:36] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/17/2008, 8:36:36] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/17/2008, 8:36:36] - BHO 4: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/17/2008, 8:36:36] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/17/2008, 8:36:36] - BHO 6: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/17/2008, 8:36:36] - BHO 7: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/17/2008, 8:36:36] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/17/2008, 8:36:36] - BHO 9: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/17/2008, 8:36:36] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/17/2008, 8:36:36] - BHO 11: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/17/2008, 8:36:36] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/17/2008, 8:36:36] - BHO 13: {B6388AD8-4CD8-4065-9CBD-20F91A2F804B} ()
[02/17/2008, 8:36:36] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 8:36:36] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/17/2008, 8:36:36] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/17/2008, 8:36:36] - BHO 14: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/17/2008, 8:36:36] - Finished Searching Browser Helper Objects
[02/17/2008, 8:36:36] - Finishing up...
[02/17/2008, 8:36:36] - Nothing found! Exiting...
[02/17/2008, 9:05:57] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[02/17/2008, 9:05:58] - Detected System Information:
[02/17/2008, 9:05:58] - Windows Version: 5.1.2600, Service Pack 2
[02/17/2008, 9:05:58] - Current Username: HP_Administrateur (Admin)
[02/17/2008, 9:05:58] - Windows is in NORMAL mode.
[02/17/2008, 9:05:58] - Searching for Browser Helper Objects:
[02/17/2008, 9:05:58] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/17/2008, 9:05:58] - BHO 2: {0EEDB912-C5FA-486F-8334-57288578C627} (Shareaza Web Download Hook)
[02/17/2008, 9:05:58] - BHO 3: {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} ()
[02/17/2008, 9:05:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:58] - Checking for HKLM\...\Winlogon\Notify\vtsts
[02/17/2008, 9:05:58] - Key not found: HKLM\...\Winlogon\Notify\vtsts, continuing.
[02/17/2008, 9:05:58] - BHO 4: {6F733421-ADEE-410B-9816-53CA77801C81} ()
[02/17/2008, 9:05:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:58] - Checking for HKLM\...\Winlogon\Notify\ddcyx
[02/17/2008, 9:05:58] - Key not found: HKLM\...\Winlogon\Notify\ddcyx, continuing.
[02/17/2008, 9:05:58] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/17/2008, 9:05:58] - BHO 6: {8DF51381-911B-4511-B4A2-C9CEEBBB6687} ()
[02/17/2008, 9:05:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:58] - Checking for HKLM\...\Winlogon\Notify\geeba
[02/17/2008, 9:05:58] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[02/17/2008, 9:05:58] - BHO 7: {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} ()
[02/17/2008, 9:05:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:58] - Checking for HKLM\...\Winlogon\Notify\mlljg
[02/17/2008, 9:05:58] - Key not found: HKLM\...\Winlogon\Notify\mlljg, continuing.
[02/17/2008, 9:05:58] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/17/2008, 9:05:59] - BHO 9: {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} ()
[02/17/2008, 9:05:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:59] - Checking for HKLM\...\Winlogon\Notify\mljgg
[02/17/2008, 9:05:59] - Key not found: HKLM\...\Winlogon\Notify\mljgg, continuing.
[02/17/2008, 9:05:59] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/17/2008, 9:05:59] - BHO 11: {af4f9a83-128b-4cdd-99e9-af929adc7e43} ()
[02/17/2008, 9:05:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:59] - Checking for HKLM\...\Winlogon\Notify\ndfvqbys
[02/17/2008, 9:05:59] - Key not found: HKLM\...\Winlogon\Notify\ndfvqbys, continuing.
[02/17/2008, 9:05:59] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/17/2008, 9:05:59] - BHO 13: {B6388AD8-4CD8-4065-9CBD-20F91A2F804B} ()
[02/17/2008, 9:05:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/17/2008, 9:05:59] - Checking for HKLM\...\Winlogon\Notify\mllmj
[02/17/2008, 9:05:59] - Key not found: HKLM\...\Winlogon\Notify\mllmj, continuing.
[02/17/2008, 9:05:59] - BHO 14: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[02/17/2008, 9:05:59] - Finished Searching Browser Helper Objects
[02/17/2008, 9:05:59] - Finishing up...
[02/17/2008, 9:05:59] - Nothing found! Exiting...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:52, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\wlancfg.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll
O2 - BHO: (no name) - {1F744DCD-79A5-47B1-802A-2FA8FA1D3856} - C:\WINDOWS\system32\vtsts.dll (file missing)
O2 - BHO: (no name) - {6F733421-ADEE-410B-9816-53CA77801C81} - C:\WINDOWS\system32\ddcyx.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8DF51381-911B-4511-B4A2-C9CEEBBB6687} - C:\WINDOWS\system32\geeba.dll (file missing)
O2 - BHO: (no name) - {8E2D08C7-BFCD-4A96-AF63-ED1F6CC7CEAA} - C:\WINDOWS\system32\mlljg.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9370AF9A-7381-4DF1-8DCE-E14D7373DD04} - C:\WINDOWS\system32\mljgg.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: {34e7cda9-29fa-9e99-ddc4-b82138a9f4fa} - {af4f9a83-128b-4cdd-99e9-af929adc7e43} - C:\WINDOWS\system32\ndfvqbys.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B6388AD8-4CD8-4065-9CBD-20F91A2F804B} - C:\WINDOWS\system32\mllmj.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [90c45be5] rundll32.exe "C:\WINDOWS\system32\iofwvgpu.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [DEFAULT BEEP] C:\DOCUME~1\HP_ADM~1\APPLIC~1\GREATF~1\Base Shim.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Auto Run Software for Photo Frame] "C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe" /autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: BoontyBox 01net.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: wlancfg.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} - https://www.snapfish.fr/2/home
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cirgie.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - https://www.pixum.fr/?p_ref=crm_umleitung_photoreflex_1113
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe